Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > CompTIA > CompTIA Certifications > PT0-002 > PT0-002 Online Practice Questions and Answers

PT0-002 Online Practice Questions and Answers

Questions 4

A penetration tester executes the following Nmap command and obtains the following output:

Which of the following commands would best help the penetration tester discover an exploitable service?

A. nmap -v -p 25 -- soript smtp-enum-users remotehost

B. nmap -v -- script=mysql-info.nse remotehost

C. nmap --ocript=omb-brute.noe remotehoat

D. nmap -p 3306 -- script "http*vuln*" remotehost

Buy Now

Correct Answer: B

The Nmap command in the question scans all ports on the remote host and identifies the services and versions running on them. The output shows that port 3306 is open and running MariaDB, which is a fork of MySQL. Therefore, the best command to discover an exploitable service would be to use the mysql-info.nse script, which gathers information about the MySQL server, such as the version, user accounts, databases, and configuration variables. The other commands are either misspelled, irrelevant, or too broad for the task. References: Best PenTest+ certification study resources and training materials, CompTIA PenTest+ PT0-002 Cert Guide, 101 Labs -- CompTIA PenTest+: Hands-on Labs for the PT0-002 Exam

Questions 5

A penetration tester receives the following results from an Nmap scan:

Which of the following OSs is the target MOST likely running?

A. CentOS

B. Arch Linux

C. Windows Server

D. Ubuntu

Buy Now

Correct Answer: C

Questions 6

Penetration tester is developing exploits to attack multiple versions of a common software package. The versions have different menus and )ut.. they have a common log-in screen that the exploit must use. The penetration tester develops code to perform the log-in that can be each of the exploits targeted to a specific version. Which of the following terms is used to describe this common log-in code example?

A. Conditional

B. Library

C. Dictionary

D. Sub application

Buy Now

Correct Answer: B

The term that is used to describe the common log-in code example is library, which is a collection of reusable code or functions that can be imported or called by other programs or scripts. A library can help simplify or modularize the code development process by providing common or frequently used functionality that can be shared across different programs or scripts. In this case, the penetration tester develops a library of code to perform the log-in that can be imported or called by each of the exploits targeted to a specific version of the software package. The other options are not valid terms that describe the common log-in code example. Conditional is a programming construct that executes a block of code based on a logical condition or expression, such as if-else statements. Dictionary is a data structure that stores key-value pairs, where each key is associated with a value, such as a Python dictionary. Sub application is not a standard programming term, but it may refer to an application that runs within another application, such as a web application.

Questions 7

A penetration tester has been given an assignment to attack a series of targets in the 192.168.1.0/24 range, triggering as few alarms and countermeasures as possible.

Which of the following Nmap scan syntaxes would BEST accomplish this objective?

A. nmap -sT -vvv -O 192.168.1.2/24 -PO

B. nmap -sV 192.168.1.2/24 -PO

C. nmap -sA -v -O 192.168.1.2/24

D. nmap -sS -O 192.168.1.2/24 -T1

Buy Now

Correct Answer: D

Reference: https://nmap.org/book/man-port-scanning-techniques.html

Questions 8

A security analyst is conducting an unknown environment test from 192.168 3.3. The analyst wants to limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems. Which of the following Nmap commands should the analyst use to achieve This objective?

A. Nmap –F 192.168.5.5

B. Map –datalength 2.192.168.5.5

C. Nmap –D 10.5.2.2.168.5.5

D. Map –scanflags SYNFIN 192.168.5.5

Buy Now

Correct Answer: D

To limit observation of the penetration tester's activities and lower the probability of detection by intrusion protection and detection systems, the security analyst should use the Nmap -D 10.5.2.2 192.168.3.3 command 1. The -D option is used to conceal the identity of the attacker by using decoy IP addresses. This option can be used to confuse the IDS/IPS and lower the probability of detection 1. References: 1: CompTIA. (2021). CompTIA PenTest+ Certification Exam Objectives. Retrieved from https://www.comptia.org/content/dam/comptia/documents/certifications/Exam%20Objective s/CompTIA-PenTest%2B%20Exam%20Objectives%20PT0-002.pdf

Questions 9

A penetration tester was able to gather MD5 hashes from a server and crack the hashes easily with rainbow tables.

Which of the following should be included as a recommendation in the remediation report?

A. Stronger algorithmic requirements

B. Access controls on the server

C. Encryption on the user passwords

D. A patch management program

Buy Now

Correct Answer: A

Questions 10

A physical penetration tester needs to get inside an organization's office and collect sensitive information without acting suspiciously or being noticed by the security guards. The tester has observed that the company's ticket gate does not scan the badges, and employees leave their badges on the table while going to the restroom. Which of the following techniques can the tester use to gain physical access to the office? (Choose two.)

A. Shoulder surfing

B. Call spoofing

C. Badge stealing

D. Tailgating

E. Dumpster diving

F. Email phishing

Buy Now

Correct Answer: CD

Questions 11

Which of the following tools would be best to use to conceal data in various kinds of image files?

A. Kismet

B. Snow

C. Responder

D. Metasploit

Buy Now

Correct Answer: B

Snow is a tool designed for steganography, which is the practice of concealing messages or information within other non-secret text or data. In this context, Snow is specifically used to hide data within whitespace of text files, which can include the whitespace areas of images saved in formats that support text descriptions or metadata, such as certain PNG or JPEG files. While the other tools listed (Kismet, Responder, Metasploit) are powerful in their respective areas (network sniffing, LLMNR/NBT-NS poisoning, and exploitation framework), they do not offer functionality related to data concealment in image files or steganography.

Questions 12

A potential reason for communicating with the client point of contact during a penetration test is to provide resolution if a testing component crashes a system or service and leaves them unavailable for both legitimate users and further testing. Which of the following best describes this concept?

A. Retesting

B. De-escalation

C. Remediation

D. Collision detection

Buy Now

Correct Answer: C

Communicating with the client point of contact during a penetration test, especially when a testing component crashes a system or service, is crucial for remediation. Remediation involves the process of correcting or mitigating vulnerabilities that have been identified during the test. In the context of a system or service becoming unavailable, it's essential to promptly address and resolve the issue to restore availability and ensure the continuity of legitimate business operations. This communication ensures that the client is aware of the incident and can work together with the penetration tester to implement corrective actions, thereby minimizing the impact on the business and further testing activities.

Questions 13

Given the following user-supplied data:

www.comptia.com/info.php?id=1 AND 1=1

Which of the following attack techniques is the penetration tester likely implementing?

A. Boolean-based SQL injection

B. Time-based SQL injection

C. Stored cross-site scripting

D. Reflected cross-site scripting

Buy Now

Correct Answer: A

The user-supplied data www.comptia.com/info.php?id=1 AND 1=1 is indicative of a Boolean-based SQL injection attack. In this attack, the attacker manipulates a SQL query by inserting additional SQL logic that will always evaluate to true (in this case, AND 1=1) to gain unauthorized access to database information. This type of attack exploits improper input validation in web applications to manipulate database queries. The other attack techniques listed (Time-based SQL injection, Stored cross-site scripting, Reflected cross- site scripting) involve different methodologies and are not demonstrated by the given user- supplied data.

Exam Code: PT0-002
Exam Name: CompTIA PenTest+
Last Update: Mar 28, 2025
Questions: 455

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.